Description
Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.
Remediation
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2005-3649)
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9859)
WordPress Plugin WP Statistics Cross-Site Scripting (12.6.7)
Oracle Database Server CVE-2006-0260 Vulnerability (CVE-2006-0260)